Cast

Level 1
5a356c8b3a8925.0415509615134506352398.png
I am creating this post so that we share the methods that are implemented to disinfect or show hidden files modified by viruses in removable usb memory.

1. From file explorer> view> show hidden files> scan with antivirus

2. Scan directly with antivirus

3. Adwcleaner to usb

4. Malwarebytes to usb

I would like to know what method they implement to make this type of scene.

Someone uses bat, or something like that. Thank you.
 

struppigel

Moderator
Verified
Staff member
Since you know you are dealing with malware, I'd recommend to either use a VM as already suggested or use a Live Linux, e.g., Puppy Linux, to access and scan the drive.
I would not risk putting this into a machine that is used for anything else than malware analysis. E.g. if you find a USB drive on the parking lot or similar, don't do this.

It's a different thing if your machine is already infected by the same malware and you are in the process of disinfecting everything.
In that case you clean the main machine first (otherwise it will just infect the USB drive again). Then you clean the infected USB flash drives. Inserting them while keeping SHIFT key pressed will suppress autorun.
Then you can scan with AV and, e.g., USBFix which is specialized on detecting and removing worms from removable media.
Since the machine was already infected by the same malware, you are not making things worse at that point if anything goes wrong.
 
Top